#!/bin/sh
#
# Copyright (C) 2000-2022 Kern Sibbald
# License: BSD 2-Clause; see file LICENSE-FOSS
#
#
# check the TLS PSK Enable directive
TestName="psk-enable-test"
JobName=backup
. scripts/functions

scripts/cleanup
scripts/copy-confs

#
# Zap out any schedule in default conf file so that
#  it doesn't start during our test
#
outf="$tmp/sed_tmp"
echo "s%  Schedule =%# Schedule =%g" >${outf}
cp $scripts/bacula-dir.conf $tmp/1
sed -f ${outf} $tmp/1 >$scripts/bacula-dir.conf

change_jobname BackupClient1 $JobName
start_test

Xstat=0

cat <<END_OF_DATA >$tmp/bconcmds
@output /dev/null
messages
@$out $tmp/log1.out
@echo "Test everything should have PSK"
setdebug level=0 tags=network storage=File1 trace=1
setdebug level=0 tags=network dir trace=1
setdebug level=0 tags=network fd trace=1
status storage=File1
status client
status dir
quit
END_OF_DATA

run_bacula

$bperl -e "add_attribute('$conf/bconsole.conf', 'TLSPSKEnable', 'no', 'Director')"
$bperl -e "add_attribute('$conf/bconsole.conf', 'TLSPSKEnable', 'no', 'Console')"

cat <<END_OF_DATA >$tmp/bconcmds
@output /dev/null
messages
@$out $tmp/log0.out
@echo "The console should not have PSK"
setdebug level=0 tags=network dir trace=1
status dir
quit
END_OF_DATA

run_bconsole

if grep "using TLS" $tmp/log0.out > /dev/null
then
    print_debug "ERROR: Should not find TLS in $tmp/log0.out"
    Xstat=1
fi

stop_bacula

$bperl -e "add_attribute('$conf/bconsole.conf', 'TLSPSKEnable', 'yes', 'Director')"
$bperl -e "add_attribute('$conf/bconsole.conf', 'TLSPSKEnable', 'yes', 'Console')"
$bperl -e "add_attribute('$conf/bacula-dir.conf', 'TLSPSKEnable', 'no', 'Client')"
$bperl -e "add_attribute('$conf/bacula-dir.conf', 'TLSPSKEnable', 'no', 'Storage')"
$bperl -e "add_attribute('$conf/bacula-dir.conf', 'TLSPSKEnable', 'no', 'Director')"

cat <<END_OF_DATA >$tmp/bconcmds
@output /dev/null
messages
@$out $tmp/log2.out
@echo "No PSK for the Client and the Storage"
setdebug level=0 tags=network storage=File1 trace=1
setdebug level=0 tags=network dir trace=1
setdebug level=0 tags=network fd trace=1
status storage=File1
status client
status dir
quit
END_OF_DATA

run_bacula
stop_bacula

if grep "using TLS" $tmp/log2.out > /dev/null
then
    print_debug "ERROR: Should not find TLS in $tmp/log2.out"
    Xstat=1
fi

$bperl -e "add_attribute('$conf/bacula-dir.conf', 'TLSPSKEnable', 'yes', 'Director')"
$bperl -e "add_attribute('$conf/bacula-dir.conf', 'TLSPSKEnable', 'yes', 'Client')"
$bperl -e "add_attribute('$conf/bacula-dir.conf', 'TLSPSKEnable', 'yes', 'Storage')"
$bperl -e "add_attribute('$conf/bacula-fd.conf', 'TLSPSKEnable', 'no', 'Director')"
$bperl -e "add_attribute('$conf/bacula-fd.conf', 'TLSPSKEnable', 'no', 'FileDaemon')"
$bperl -e "add_attribute('$conf/bacula-sd.conf', 'TLSPSKEnable', 'no', 'Storage')"
$bperl -e "add_attribute('$conf/bacula-sd.conf', 'TLSPSKEnable', 'no', 'Director')"
$bperl -e "add_attribute('$conf/bconsole.conf', 'TLSPSKEnable', 'no', 'Console')"
$bperl -e "add_attribute('$conf/bconsole.conf', 'TLSPSKEnable', 'no', 'Director')"

cat <<END_OF_DATA >$tmp/bconcmds
@output /dev/null
messages
@$out $tmp/log3.out
@echo "No PSK for the Client and the Storage"
setdebug level=0 tags=network storage=File1 trace=1
setdebug level=0 tags=network dir trace=1
setdebug level=0 tags=network fd trace=1
status storage=File1
status client
status dir
quit
END_OF_DATA

run_bacula
stop_bacula

if grep "using TLS" $tmp/log3.out > /dev/null
then
    print_debug "ERROR: Should not find TLS in $tmp/log3.out"
    Xstat=1
fi


sed -i 's/TLSPSKEnable.*//' $conf/bacula-sd.conf
sed -i 's/TLSPSKEnable.*//' $conf/bacula-dir.conf
sed -i 's/TLSPSKEnable.*//' $conf/bacula-fd.conf

$bperl -e "add_attribute('$conf/bacula-fd.conf', 'TLSPSKEnable', 'no', 'FileDaemon')"
$bperl -e "add_attribute('$conf/bacula-sd.conf', 'TLSPSKEnable', 'no', 'Storage')"

cat <<END_OF_DATA >$tmp/bconcmds
@output /dev/null
messages
@$out $tmp/log4.out
@echo "No PSK for the Client and the Storage"
setdebug level=0 tags=network storage=File1 trace=1
setdebug level=0 tags=network dir trace=1
setdebug level=0 tags=network fd trace=1
status storage=File1
status client
quit
END_OF_DATA

run_bacula
stop_bacula

if grep "using TLS" $tmp/log4.out > /dev/null
then
    print_debug "ERROR: Should not find TLS in $tmp/log4.out"
    Xstat=1
fi

estat=$Xstat
end_test
